An Application of the MILS Approach to Secure Information Sharing
Rance DeLong (LynuxWorks, San Jose CA), David Hanz (SRI) and John Rushby (SRI)
Sadly, Dave Hanz died in April 2020. We dedicate
this paper to his memory.
This paper was rejected by ACSAC 2010, but we think it
worth making available.
MILS is an approach to the design of secure systems that supports
modularity. MILS protection profiles encourage development of a COTS
marketplace for trusted components, and the MILS principles for
compositional assurance then allow assurance for the full system
largely to be derived from that of its components. We illustrate the
MILS principles for secure systems design and assurance through an
example in which they are applied to a real system being developed to
support military training in coalition operations.
Having trouble reading our papers?
Return to John Rushby's bibliography page
Return to the Formal Methods Program home page
Return to the Computer Science Laboratory home page